From d538892da62ce2614b9493e64b79f8bac1438fb6 Mon Sep 17 00:00:00 2001
From: Nicholas Tay
Date: Wed, 22 Feb 2023 20:47:39 +0100
Subject: Somewhat working options page
Need to fix per tab thing
---
background.js | 41 ++++++++++++++++++++++++++++-------------
manifest.json | 10 ++++++++--
options.html | 26 ++++++++++++++++++++++++++
options.js | 41 +++++++++++++++++++++++++++++++++++++++++
4 files changed, 103 insertions(+), 15 deletions(-)
create mode 100644 options.html
create mode 100644 options.js
diff --git a/background.js b/background.js
index f619df2..59c6c2b 100644
--- a/background.js
+++ b/background.js
@@ -1,5 +1,7 @@
// Based on https://github.com/mdn/webextensions-examples/blob/main/root-cert-stats/background.js
+let certs = [];
+
// On header receive, inspect cert and update app icon as required
async function onHeaderReceive(details) {
try {
@@ -26,9 +28,12 @@ async function certInspectUpdate(requestId) {
// root is last in the array cert chain
let rootCA = securityInfo.certificates[securityInfo.certificates.length - 1];
- if (rootCA.subject.includes("CN=GlobalSign Root CA")) {
- setIcon("nope");
- return;
+
+ for (let cert of certs) {
+ if (rootCA.subject.includes(cert)) {
+ setIcon("nope");
+ return;
+ }
}
setIcon("ok");
@@ -38,13 +43,23 @@ function setIcon(icon) {
browser.browserAction.setIcon({ path: "icons/" + icon + ".png" });
}
-// Listen for all header receive events, which contain the cert details we want
-browser.webRequest.onHeadersReceived.addListener(
- onHeaderReceive,
- {
- urls: [""]
- },
- [
- "blocking"
- ]
-);
\ No newline at end of file
+function onReady() {
+ // Listen for all header receive events, which contain the cert details we want
+ browser.webRequest.onHeadersReceived.addListener(
+ onHeaderReceive,
+ {
+ urls: [""]
+ },
+ [
+ "blocking"
+ ]
+ );
+}
+
+// Fetch config for certs list
+const getting = browser.storage.sync.get("certs");
+getting.then(saved => {
+ certs = saved.certs;
+ console.log("certs=" + certs)
+ onReady();
+}, console.error);
\ No newline at end of file
diff --git a/manifest.json b/manifest.json
index acfa2fd..b685674 100644
--- a/manifest.json
+++ b/manifest.json
@@ -4,7 +4,7 @@
"description": "Keep an eye on your certs, because who can be certain what they are.",
"author": "Nicholas Tay ",
"version": "0.1.0",
- "permissions": ["webRequest", "webRequestBlocking", ""],
+ "permissions": [ "webRequest", "webRequestBlocking", "", "storage" ],
"background": {
"scripts": [ "background.js" ]
},
@@ -18,7 +18,13 @@
},
"browser_specific_settings": {
"gecko": {
- "strict_min_version": "62.0b5"
+ "strict_min_version": "62.0b5",
+ "id": "certain@nick.windblume.net"
}
+ },
+ "options_ui": {
+ "page": "options.html",
+ "open_in_tab": true,
+ "browser_style": false
}
}
diff --git a/options.html b/options.html
new file mode 100644
index 0000000..f04166d
--- /dev/null
+++ b/options.html
@@ -0,0 +1,26 @@
+
+
+
+
+
+
+ c/ertain
+ Extension settings
+
+
+ Set up the issuer info for CAs you want to mark as insecure here (as matching substrings). Erase field and save to remove.
+
+
+ As per MDN: For example: "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US".
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/options.js b/options.js
new file mode 100644
index 0000000..2d42932
--- /dev/null
+++ b/options.js
@@ -0,0 +1,41 @@
+function addCertField() {
+ let elem = document.getElementById("certs");
+ elem.insertAdjacentHTML("beforeend", ``)
+}
+
+function saveOptions() {
+ let certs = [];
+ for (let child of document.getElementById("certs").children) {
+ let cert = child.children[0].value;
+ if (!cert)
+ continue;
+ certs.push(cert);
+ }
+ browser.storage.sync.set({
+ certs: certs
+ }).then(() => {
+ restoreOptions(); // reload list
+ alert("Saved");
+ });
+}
+
+function restoreOptions() {
+ let getting = browser.storage.sync.get("certs");
+ getting.then(saved => {
+ let certs = saved.certs || [];
+ let elem = document.getElementById("certs");
+ elem.innerHTML = "";
+ for (let cert of certs) {
+ let li = document.createElement("li");
+ let input = document.createElement("input");
+ input.type = "text";
+ input.value = cert;
+ li.appendChild(input);
+ elem.appendChild(li);
+ }
+ }, console.error);
+}
+
+document.addEventListener("DOMContentLoaded", restoreOptions);
+document.getElementById("save").addEventListener("click", saveOptions);
+document.getElementById("addCert").addEventListener("click", addCertField)
\ No newline at end of file
--
cgit